GDPR Compliance Solutions & Services

PossibleNOW and its sister company, CompliancePoint, offer technology solutions, consulting and audit services to help organizations prepare for compliance with the new GDPR rules which took effect on May 25, 2018.

It is vital that any organization who conducts business in the European Union understands the overall design of the GDPR and why preparing their technology and processes now for this new legislation is so critical.

What is the GDPR?

The General Data Protection Regulation (GDPR) is a regulation that is intended to strengthen data protection for individuals within European Union (EU) countries. The primary objectives of the GDPR are to give people more control over their personal data, to help protect personal data from the risk of loss, and to unify regulatory privacy and data requirements within the EU.

Why is the GDPR needed?

Today's technology is much different than it was 20 years ago. No one could have predicted how the Internet, smartphones and the widespread use of social media applications such as Facebook and Twitter could have global implications.

As a Regulation, the GDPR enacts a uniform data security law across the EU. Each EU country will no longer need to pass their own legislation for data security; the GDPR will be the guiding law. However, EU countries can still regulate certain types of data such as health data.

California Consumer Privacy Act (CCPA)

Also known as AB 375, the California Consumer Privacy Act of 2018 was passed in California and is anticipated to go into effect on January 1, 2020. The Act focuses exclusively on data collection and privacy, very similar to the European Union’s General Data Protection Regulation (GDPR). The Act gives residents of California the ability to bring a civil action against companies that violate the Act, and states that fines could be between $100-750 per violation – or higher, if more damage can be proven. In addition, the state of California can bring charges against a noncompliant company directly. Those fines could be up to $7,500 for each alleged violation not resolved within 30 days.

My business isn’t located in California. Why should I be concerned?

Well, California by itself is the 5th largest economy in the world. If you do business in California or collect data from California residents you need to comply. So, ignoring the California statues and marketplace regulations is unlikely to be an option. There’s good news however – the CCPA is largely in line with GDPR, so if your business is GDPR compliant, you’re probably in good shape for CCPA.

Mobile & TCPA Compliance

Mobile phones are an integral part of our lifestyles. But marketing to mobile devices presents some unique regulatory challenges. The Federal Communications Commission (FCC) now requires that a company obtain written consent from a consumer before using an automatic telephone dialing system to deliver any type of ad, telemarketing call or text message to any mobile device.

The new FCC rules mean that marketers can no longer rely on oral or implied consent. Implied consent refers to the assumption that a consumer who provides a mobile phone number to a company is willing to be called on that device. Neither oral nor implied consent now meet the FCC's TCPA compliance rules for prior express written consent.

In addition, the FCC requires that marketers maintain records of the consent.

Because so many consumers today have dropped the use of landlines and rely solely on their cell phones, this can present a challenge for marketers. In fact, over 50% of US homes do not have a landline.

PossibleNOW offers 2 solutions for mobile & TCPA compliance: Mobile Consent which identifies a mobile phone number so that you can capture consent as required by law and Mobile Scoring which helps ensure that a customer who provided you with express consent is still associated with that mobile phone number.

Do Not Contact

PossibleNOW's cloud-based compliance solutions enable marketers of any size to ensure compliance with relevant consumer privacy legislation including federal and state Do Not Call laws and the CAN-SPAM Act.

Get comprehensive Do Not Contact compliance across multiple marketing channels including phone, email, mail, fax, and text messaging. This helps ensure compliance across the enterprise including internal operations, call centers and with third party vendors such as lead generators.

A marketing department of one? We have you covered, too, with compliance solutions designed for individual agents or branch offices.

List Management

Keeping up with the demands of Do Not Call compliance is complex and time-consuming. Take advantage of PossibleNOW's expertise in consumer regulatory compliance, especially as it relates to Do Not Call compliance. Our Do Not Call List Management Service saves you time and effort.

We dedicate significant resources to maintain the most current and comprehensive Do Not Call databases including the FTC Do Not Call Registry and all relevant state lists. Our thorough and stringent processes include redundant checks on all critical steps in the process to acquire and update Do Not Call lists. We are so confident about our processes that we warrant the accuracy and timeliness of the Do Not Call databases.

Using our Do Not Call List Management Service provides these benefits:

Simplifies your compliance efforts. We do the work for you!

Customized for your specific needs. We compile and maintain any Do Not Call lists that you licensed based on your specifications and calling requirements—including optional lists such as the NeuStar Wireless Portability list or your own company-specific Do Not Call list.

With more effective management of your company-specific Do Not Call list, you may be able to reclaim phone numbers that are now callable—all within the scope of the law. By "reclaiming" phone numbers, you increase your revenue opportunities.